Viewing docs for stackit v0.0.4
published on Friday, Feb 20, 2026 by stackitcloud
published on Friday, Feb 20, 2026 by stackitcloud
Viewing docs for stackit v0.0.4
published on Friday, Feb 20, 2026 by stackitcloud
published on Friday, Feb 20, 2026 by stackitcloud
KMS Key datasource schema. Uses the default_region specified in the provider configuration as a fallback in case no region is defined on datasource level.
Example Usage
data "stackit_kms_key" "key" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
keyring_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
key_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
Using getKmsKey
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getKmsKey(args: GetKmsKeyArgs, opts?: InvokeOptions): Promise<GetKmsKeyResult>
function getKmsKeyOutput(args: GetKmsKeyOutputArgs, opts?: InvokeOptions): Output<GetKmsKeyResult>def get_kms_key(key_id: Optional[str] = None,
keyring_id: Optional[str] = None,
project_id: Optional[str] = None,
region: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetKmsKeyResult
def get_kms_key_output(key_id: Optional[pulumi.Input[str]] = None,
keyring_id: Optional[pulumi.Input[str]] = None,
project_id: Optional[pulumi.Input[str]] = None,
region: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetKmsKeyResult]func LookupKmsKey(ctx *Context, args *LookupKmsKeyArgs, opts ...InvokeOption) (*LookupKmsKeyResult, error)
func LookupKmsKeyOutput(ctx *Context, args *LookupKmsKeyOutputArgs, opts ...InvokeOption) LookupKmsKeyResultOutput> Note: This function is named LookupKmsKey in the Go SDK.
public static class GetKmsKey
{
public static Task<GetKmsKeyResult> InvokeAsync(GetKmsKeyArgs args, InvokeOptions? opts = null)
public static Output<GetKmsKeyResult> Invoke(GetKmsKeyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetKmsKeyResult> getKmsKey(GetKmsKeyArgs args, InvokeOptions options)
public static Output<GetKmsKeyResult> getKmsKey(GetKmsKeyArgs args, InvokeOptions options)
fn::invoke:
function: stackit:index/getKmsKey:getKmsKey
arguments:
# arguments dictionaryThe following arguments are supported:
- key_
id str - The ID of the key
- keyring_
id str - The ID of the associated key ring
- project_
id str - STACKIT project ID to which the key is associated.
- region str
- The resource region. If not defined, the provider region is used.
getKmsKey Result
The following output properties are available:
- Access
Scope string - The access scope of the key. Default is
PUBLIC. Possible values are:PUBLIC,SNA. - Algorithm string
- The encryption algorithm that the key will use to encrypt data. Possible values are:
aes_256_gcm,rsa_2048_oaep_sha256,rsa_3072_oaep_sha256,rsa_4096_oaep_sha256,rsa_4096_oaep_sha512,hmac_sha256,hmac_sha384,hmac_sha512,ecdsa_p256_sha256,ecdsa_p384_sha384,ecdsa_p521_sha512. - Description string
- A user chosen description to distinguish multiple keys
- Display
Name string - The display name to distinguish multiple keys
- Id string
- Import
Only bool - States whether versions can be created or only imported.
- Key
Id string - The ID of the key
- Keyring
Id string - The ID of the associated key ring
- Project
Id string - STACKIT project ID to which the key is associated.
- Protection string
- The underlying system that is responsible for protecting the key material. Possible values are:
software. - Purpose string
- The purpose for which the key will be used. Possible values are:
symmetric_encrypt_decrypt,asymmetric_encrypt_decrypt,message_authentication_code,asymmetric_sign_verify. - Region string
- The resource region. If not defined, the provider region is used.
- Access
Scope string - The access scope of the key. Default is
PUBLIC. Possible values are:PUBLIC,SNA. - Algorithm string
- The encryption algorithm that the key will use to encrypt data. Possible values are:
aes_256_gcm,rsa_2048_oaep_sha256,rsa_3072_oaep_sha256,rsa_4096_oaep_sha256,rsa_4096_oaep_sha512,hmac_sha256,hmac_sha384,hmac_sha512,ecdsa_p256_sha256,ecdsa_p384_sha384,ecdsa_p521_sha512. - Description string
- A user chosen description to distinguish multiple keys
- Display
Name string - The display name to distinguish multiple keys
- Id string
- Import
Only bool - States whether versions can be created or only imported.
- Key
Id string - The ID of the key
- Keyring
Id string - The ID of the associated key ring
- Project
Id string - STACKIT project ID to which the key is associated.
- Protection string
- The underlying system that is responsible for protecting the key material. Possible values are:
software. - Purpose string
- The purpose for which the key will be used. Possible values are:
symmetric_encrypt_decrypt,asymmetric_encrypt_decrypt,message_authentication_code,asymmetric_sign_verify. - Region string
- The resource region. If not defined, the provider region is used.
- access
Scope String - The access scope of the key. Default is
PUBLIC. Possible values are:PUBLIC,SNA. - algorithm String
- The encryption algorithm that the key will use to encrypt data. Possible values are:
aes_256_gcm,rsa_2048_oaep_sha256,rsa_3072_oaep_sha256,rsa_4096_oaep_sha256,rsa_4096_oaep_sha512,hmac_sha256,hmac_sha384,hmac_sha512,ecdsa_p256_sha256,ecdsa_p384_sha384,ecdsa_p521_sha512. - description String
- A user chosen description to distinguish multiple keys
- display
Name String - The display name to distinguish multiple keys
- id String
- import
Only Boolean - States whether versions can be created or only imported.
- key
Id String - The ID of the key
- keyring
Id String - The ID of the associated key ring
- project
Id String - STACKIT project ID to which the key is associated.
- protection String
- The underlying system that is responsible for protecting the key material. Possible values are:
software. - purpose String
- The purpose for which the key will be used. Possible values are:
symmetric_encrypt_decrypt,asymmetric_encrypt_decrypt,message_authentication_code,asymmetric_sign_verify. - region String
- The resource region. If not defined, the provider region is used.
- access
Scope string - The access scope of the key. Default is
PUBLIC. Possible values are:PUBLIC,SNA. - algorithm string
- The encryption algorithm that the key will use to encrypt data. Possible values are:
aes_256_gcm,rsa_2048_oaep_sha256,rsa_3072_oaep_sha256,rsa_4096_oaep_sha256,rsa_4096_oaep_sha512,hmac_sha256,hmac_sha384,hmac_sha512,ecdsa_p256_sha256,ecdsa_p384_sha384,ecdsa_p521_sha512. - description string
- A user chosen description to distinguish multiple keys
- display
Name string - The display name to distinguish multiple keys
- id string
- import
Only boolean - States whether versions can be created or only imported.
- key
Id string - The ID of the key
- keyring
Id string - The ID of the associated key ring
- project
Id string - STACKIT project ID to which the key is associated.
- protection string
- The underlying system that is responsible for protecting the key material. Possible values are:
software. - purpose string
- The purpose for which the key will be used. Possible values are:
symmetric_encrypt_decrypt,asymmetric_encrypt_decrypt,message_authentication_code,asymmetric_sign_verify. - region string
- The resource region. If not defined, the provider region is used.
- access_
scope str - The access scope of the key. Default is
PUBLIC. Possible values are:PUBLIC,SNA. - algorithm str
- The encryption algorithm that the key will use to encrypt data. Possible values are:
aes_256_gcm,rsa_2048_oaep_sha256,rsa_3072_oaep_sha256,rsa_4096_oaep_sha256,rsa_4096_oaep_sha512,hmac_sha256,hmac_sha384,hmac_sha512,ecdsa_p256_sha256,ecdsa_p384_sha384,ecdsa_p521_sha512. - description str
- A user chosen description to distinguish multiple keys
- display_
name str - The display name to distinguish multiple keys
- id str
- import_
only bool - States whether versions can be created or only imported.
- key_
id str - The ID of the key
- keyring_
id str - The ID of the associated key ring
- project_
id str - STACKIT project ID to which the key is associated.
- protection str
- The underlying system that is responsible for protecting the key material. Possible values are:
software. - purpose str
- The purpose for which the key will be used. Possible values are:
symmetric_encrypt_decrypt,asymmetric_encrypt_decrypt,message_authentication_code,asymmetric_sign_verify. - region str
- The resource region. If not defined, the provider region is used.
- access
Scope String - The access scope of the key. Default is
PUBLIC. Possible values are:PUBLIC,SNA. - algorithm String
- The encryption algorithm that the key will use to encrypt data. Possible values are:
aes_256_gcm,rsa_2048_oaep_sha256,rsa_3072_oaep_sha256,rsa_4096_oaep_sha256,rsa_4096_oaep_sha512,hmac_sha256,hmac_sha384,hmac_sha512,ecdsa_p256_sha256,ecdsa_p384_sha384,ecdsa_p521_sha512. - description String
- A user chosen description to distinguish multiple keys
- display
Name String - The display name to distinguish multiple keys
- id String
- import
Only Boolean - States whether versions can be created or only imported.
- key
Id String - The ID of the key
- keyring
Id String - The ID of the associated key ring
- project
Id String - STACKIT project ID to which the key is associated.
- protection String
- The underlying system that is responsible for protecting the key material. Possible values are:
software. - purpose String
- The purpose for which the key will be used. Possible values are:
symmetric_encrypt_decrypt,asymmetric_encrypt_decrypt,message_authentication_code,asymmetric_sign_verify. - region String
- The resource region. If not defined, the provider region is used.
Package Details
- Repository
- stackit stackitcloud/pulumi-stackit
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
stackitTerraform Provider.
Viewing docs for stackit v0.0.4
published on Friday, Feb 20, 2026 by stackitcloud
published on Friday, Feb 20, 2026 by stackitcloud
